cpe:/a:dolibarr:dolibarr:2.5.0 cpe:/a:dolibarr:dolibarr:2.6.0 cpe:/a:dolibarr:dolibarr:2.6.1 cpe:/a:dolibarr:dolibarr:2.7.0 cpe:/a:dolibarr:dolibarr:2.7.1 cpe:/a:dolibarr:dolibarr:2.8.0 cpe:/a:dolibarr:dolibarr:2.8.1 cpe:/a:dolibarr:dolibarr:2.9.0 cpe:/a:dolibarr:dolibarr:3.0.0 cpe:/a:dolibarr:dolibarr:3.0.1 cpe:/a:dolibarr:dolibarr:3.1.0 cpe:/a:dolibarr:dolibarr:3.1.0:rc cpe:/a:dolibarr:dolibarr:3.2.0:alpha CVE-2012-1225 2012-02-21T08:31:47.797-05:00 2012-02-24T00:00:00.000-05:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2012-02-21T12:57:00.000-05:00 BUGTRAQ 20120210 Dolibarr CMS v3.2.0 Alpha - SQL Injection Vulnerabilities SECUNIA 47969 BID 51956 OSVDB 79011 Multiple SQL injection vulnerabilities in Dolibarr CMS 3.2.0 Alpha and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) memberslist parameter (aka Member List) in list.php or (2) rowid parameter to adherents/fiche.php.